Slashdot Log In
First-Ever Photo Tour of Defcon's Network Center
Posted by
timothy
on Monday August 11, @01:10PM
from the sniffer-dogs-eh dept.
from the sniffer-dogs-eh dept.
Kugrian writes "With over 9,000 hackers, freaks, feds, and geeks attending Defcon 16, the temporary wireless network setup there is considered the most hostile on the planet. Run by a dedicated group of volunteers known as Goons, the basement Defcon Network Operations Center is secured by means of a chain-link fence and armed guard. The 20-megabit connection, which is twice as fast as Defcon 15, runs over a point-to-point wireless link to another hotel that has point-of-presence in their basement. Wired's Threat Level blog managed to secure the first ever photo tour of the Center showing Goons, hardware and sniffer dogs." Reader TXISDude, who was at Defcon, doubts that attendance was as high as 9,000. Update: 08/13 18:14 GMT by T : Dave Bullock, the Wired photographer who shot these pictures, backs up that figure, though: "I interviewed Joe Grand, the badge designer a few weeks before the con. They ordered 8,600 total badges. They ran out of badges. There were hundreds of people with paper badges."
Related Stories
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
WHAT?!?! (Score:4, Funny)
Reply to This
The problem with sniffer dogs... (Score:5, Funny)
...is that they are always humping your legs as soon as you put them in promiscuous mode.
Reply to This
Is this K-9? (Score:5, Funny)
...showing Goons, hardware and sniffer dogs.
These guys must be extremely high-tech if their security dogs can sniff wireless!
Reply to This
I am so behind the times (Score:4, Informative)
Reply to This
Re:I am so behind the times (Score:5, Funny)
Reply to This
Parent
Re:I am so behind the times (Score:5, Funny)
It's Defcon 2.0. They're trying to jazz up their image a little bit and make it more inter-webby.
Reply to This
Parent
Security thru Obscurity (Score:5, Insightful)
If these guys wanted any kind of openness with security, these pictures would be on the DEFCON index page instead of some kinda "security through obscurity" nonsense where only just now are we seeing how they are running the network. If it gets hacked, that should be part of the conference -- how it was compromised, what to do to protect it better, etc.
Reply to This
Re:Security thru Obscurity (Score:5, Insightful)
Reply to This
Parent
Come on, china is more hostile... (Score:4, Insightful)
The Defcon network is bad if you are a sheep, but if you jsut treat it like you are going to visit China (with a return trip through US Customs), its not that bad...
New system, everything through an SSH tunnel, only your necessary working set, and temporary login credentials to throwaway accounts, and its all good!
Reply to This
Sniffer Dogs, (Score:4, Funny)
please don't pee on the routers!! You will void Cisco's warranty.
Reply to This
A challenge for you experts (Score:4, Insightful)
Yes, their network setup looks.. uhmmm... temporary and built with something less than a multimillion dollar budget. So, how would you build a wireless network for '9000' hackers?
Pretend you have some assets already plus $10,000 to spend. How would you build the temporary network?
I've seen a lot of 'how they did it' infrastructure articles, and lots of smirking here, so how would YOU build that network?
Reply to This
And you think this is fast (Score:5, Informative)
Try going to Europe. Last time I went to the CCC Congress in Berlin the uplink was 600 mbit. They usually put up signs on the second deay stating "use more bandwidth."
Usually crappy US show network. Go over to Europe where they know how to put on a show. Very few rules and even those are flexible.
Oh, and the number of machines stolen over the past 23 years can be counted on one hand.
http://events.ccc.de/congress/2005/fahrplan/attachments/652-slides_network_review.pdf
Reply to This
pf Config (Score:4, Interesting)
TFA says that "...a quad-core Xeon running OpenBSD and employing pf to filter and shape traffic" is in place. I think it'd be excellent if they'd release the config for this so that we may all learn from it.
Release it after the con, that is, just in case there's a hole found in it...
Reply to This
Over 9000 (Score:5, Informative)
Reply to This
Re:This remindes me of the TSA (Score:4, Funny)
Reply to This
Parent
Re:This remindes me of the TSA (Score:5, Funny)
It completely replaces IT management at a fraction of the cost.
Reply to This
Parent
Re:I fail to see what's so spectacular about this (Score:5, Informative)
Wow... Someone has a serious lack of Imagination. Here is what is special about this:
These guys manage the most actively hostile network on the planet. Just bringing your laptop/cell phone/PDA within wireless range of this event is asking for trouble. These are the people that put your username/password up on a giant wall of sheep [makezine.com] if you choose to use an unencrypted connection for e-mail/web browsing.
Have you considered the challenges of maintaining a server in this environment? You are one giant target for the world's largest collection of black/grey/red-hats in the world. Let's just say that there would be a substantial amount of "iStreet-cred" if you were to 0wn the firewall.
Now, if you read the article, they describe how they setup their wireless network. They keep things very simple and maintain centralized configurations. If you are setting up a network in a potentially hostile environment, their model is a good one to follow. Why? Here [defcon.org] are a few reasons:
Think your network can handle that? Let's take a look at one of the interesting ones - the Rogue AP's.
The people that run defcon (and many of the attendees) eat these attacks for lunch. These people triangulate wireless signals within a high-em noise environment with enough multipath to give K-9 [wikipedia.org] a headache. They manage to actively seek and destroy rogue AP's (not to mention the ARP spoofing!) while maintaining a healthy network. You don't think that's special!?
Now, what about hardware reliability? Heck, if I had a choice between two pieces of gear and one of them had a "Survived DefCon 2008" sticker on it, I could tell you what I would be picking up. They had a nice Cisco fiber switch (no real surprise) but I have never heard of the Aruba [arubanetworks.com] AP's before. I know I'll at least check them out now. Do you not think that exposing battle-proven hardware to electronics-consuming people is special?
Look at the software too. BSD & pf. No real surprise there either. When you want ungodly-stable network filtering - that is the way to go. Don't take my word for it. Heck, don't take BSD's word for it. The setup survived the hacker Olympics with no downtime. THAT is what is special about it.
Reply to This
Parent
Rouge AP's? (Score:5, Funny)
Reply to This
Parent
Re:I fail to see what's so spectacular about this (Score:5, Insightful)
Here is what is special about this:
You missed what was really special about this: If you want into defcon's network operations center, tell them you're from Wired and you just want to take a few pictures. Butter them up real good about how awesome they are for managing such a hostile environment, etc.
I expect this exploit to not work a second time.
Reply to This
Parent
Re:I fail to see what's so spectacular about this (Score:5, Funny)
Reply to This
Parent
Do people get in trouble for any of this? (Score:5, Interesting)
I've never been to DefCon before, so I'm just curious... do people actually get in trouble for any of the things they do there? If you do a man in the middle attack, do people get mad? Or is it just assumed that anyone on this network is fair game and you can 0wn them as you see fit?
Reply to This
Parent
You forgot (Score:4, Funny)
4) Profit!
Reply to This
Parent
Re:I fail to see what's so spectacular about this (Score:4, Insightful)
I highly doubt that :)
Anybody that claims he/she is a hacker is most likely not.
These are the 'l33t' script kiddies and such, they couldn't hack their way out of a paper back if someone didn't provide a fill-in-the-blanks kit that they can download.
Anybody that really is a hacker is already in your system, just not bragging about it.
It's like lock picking, if you're really good at it you keep your mouth shut so that if some stuff disappears you're not going to be #1 on everybody's suspect list.
Reply to This
Parent
Re:I fail to see what's so spectacular about this (Score:5, Funny)
Yes, but if you say away they may then suspect that you are, in fact, an elite black hat hacker who is staying away precisely to draw suspicion away from yourself, so in fact a real black hat hacker should, in fact, be there or they will immediately be suspected of being a real black hat hacker.
Never go in against a Sicilian when death is on the line.
Reply to This
Parent
Re:ZOMG! (Score:5, Funny)
So, which side of the firewall is the "untrusted" side at defcon? Do they protect defcon from the internet, or do they protect the internet from DefCon?
Reply to This
Parent